b'The USPS Global Card: A Conceptual Analysis\n         of a Smart Card Platform\n\n\n\n\n                            February 13, 2012\n\n\n\n\nPrepared by U.S. Postal Service Office of Inspector General\n            Risk Analysis Research Center\n            Report Number: RARC-WP-12-006\n\x0cU.S. Postal Service Office of Inspector General                                                   February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                                       RARC-WP-12-006\n\n\n    The USPS Global Card: A Conceptual Analysis of a Smart\n                       Card Platform\n\n                                         Executive Summary\n\nThe digital revolution has radically transformed the world, driving innovation, improving\ninterconnectedness, and providing instant access to information and knowledge.\nHowever, this rapid shift toward a more digital world is not without its imperfections. The\nfragmented nature of communications in the current digital landscape has left\nconsumers open to substantial risk resulting from a lack of adequate infrastructure to\nsecure transactions, assure privacy in communications, and allow integration of digital\nand physical messages and data. As the 21st century and the Information Age continue\nto evolve, there is an increasingly apparent need for a secure digital environment that\nrespects consumer privacy while also improving the efficiency and convenience of daily\ntransactions and information management.\n\nGiven its federally mandated mission to promote commerce, communication, and\ntransactions to bind the nation together, in addition to its vast infrastructure and core\ncompetencies, the United States Postal Service is positioned to play a significant role in\nproviding solutions to problems of the digital age. In its paper The Postal Service Role in\nthe Digital Age Part 2: Expanding the Digital Platform, 1 the U.S. Postal Service Office of\nInspector General (OIG) Risk Analysis Research Center (RARC) constructs a digital\nstrategy for the Postal Service that would enable it to extend its physical platform into\nthe digital sphere and \xe2\x80\x9cprovide needed solutions through a suite of digital products and\nservices.\xe2\x80\x9d\n\nThis paper expands that analysis by introducing the concept of a Postal Service-offered\nsmart card that could be called the \xe2\x80\x9cUSPS Global Card.\xe2\x80\x9d This postal-centric version of a\nsmart card would not only provide consumers with an access key to current and future\npostal services and other government and commercial applications, but could be\nenhanced over time to also provide consumers with an increased level of security and\nprivacy in daily transactions, information management, and data storage wholly\nunmatched by today\xe2\x80\x99s alternatives. Beyond security and privacy improvements, the\nsmart card design would allow the Global Card to act as a conveniently portable\nplatform for multiple application solutions including identification, authentication, and\ndata storage, among others. The paper presents the following highlights:\n\n1. The ongoing rapid shift toward digital communications, commerce, and transactions\n   has left consumers\xe2\x80\x99 personal information exposed to misuse and fraud. The Postal\n   Service Global Card would provide consumers with a secure and private, yet\n\n\n1\n U.S. Postal Service Office of Inspector General, The Postal Service Role in the Digital Age Part 2: Expanding the\nDigital Platform, Report No. RARC-WP-11-003, April19, 2011, http://www.uspsoig.gov/foia_files/RARC-WP-11-\n003.pdf.\n\n\n                                                          i\n\x0cU.S. Postal Service Office of Inspector General                                                    February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                                        RARC-WP-12-006\n\n\n    convenient and efficient, option for performing daily transactions and storing data in\n    both the digital and physical worlds.\n\n2. To maximize seamless integration into consumer lifestyle, the Global Card would be\n   offered in two formats: in a credit card-like form and integrated with a mobile phone\xe2\x80\x99s\n   Subscriber Identity Module (SIM) card.2 Either format would offer full functionality\n   and serve consumer needs.\n\n3. In recognition of the increasing trend toward consumer control in communications,\n   the Global Card design is consumer-centric. While it is likely that other entities would\n   provide similar products, they would not have the same consumer focus. The card\n   itself is optional (upon request), as are all card applications. Similarly, the user\n   chooses security and privacy settings based on personal preference and need.\n\n4. The card\xe2\x80\x99s microprocessor and associated operating system would increase\n   consumer convenience by enabling the user to load multiple applications onto the\n   card, including, but not limited to postal, eGovernment, eCommerce, and data\n   storage applications. Applications are segregated from one another ensuring data\n   required by one application cannot be accessed by others.\n\n5. To further increase the card\xe2\x80\x99s functional flexibility and convenience, the Global Card\n   would be a dual-interface card, enabling data to be read from and written to using\n   both contact and contactless card readers.\n\n6. The Global Card could serve as an e-Identification system, thus acting as a solution\n   to inadequate authentication measures in the digital and physical worlds. As a basic\n   feature, this application would allow consumers to obtain two digital certificates, one\n   to be used for electronic authentication, while the other provides the user with a\n   digital signature.\n\n7. Additionally, the Global Card would serve as an access key to current and future\n   Postal Service products and services such as gopost.\xe2\x84\xa2 Perhaps most notably, the\n   Global Card could be linked to a user\xe2\x80\x99s eMailbox, providing the user with increased\n   privacy control in transactions requiring physical address information. Similarly,\n   when linked to a user\xe2\x80\x99s eLockbox, the Global Card serves as a powerful, portable,\n   secure storage tool for sensitive information.\n\n8. The Postal Service is uniquely positioned to work with the federal government to\n   provide eGovernment services to citizens. The Global Card could facilitate these\n   services by providing a secure method of citizen identity verification and creating a\n   way to receive and access government benefits, including Social Security payments,\n   food stamps, and Medicare benefits, among others.\n\n\n2\n  A SIM card is a type of smart card that stores data such as identity, phone number, contact lists, and network\nauthorization for Global System for Mobile (GSM) communication cellular telephone subscribers. In addition to\nimproving security for subscribers through features such as authentication and encryption, a SIM card can be\nconveniently switched from one phone to another, transferring the user\xe2\x80\x99s data with it.\n\n\n                                                           ii\n\x0cU.S. Postal Service Office of Inspector General                             February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                 RARC-WP-12-006\n\n\n9. The functional possibilities of the card are endless. As an open and flexible platform,\n   the Global Card is intended to provide third parties with an appropriate forum to\n   innovate and provide consumers with any number of useful applications.\n\n10. As a smart card, the Global Card offers consumers an increased level of security\n    and privacy unmatched by traditional magnetic stripe cards as well as online\n    username and password identity management systems, rendering it a powerful\n    antifraud and identity theft prevention tool. It would employ advanced encryption to\n    transfer information to and from the card.\n\n11. The Global Card allows for a number of security and privacy control precautions to\n    be established, thereby further increasing security and privacy in digital and physical\n    transactions. These include, but are not limited to, multifactor authentication, use of\n    biometric indicators in identity verification, data encryption, and enabling binary\n    response authentication.\n\n12. Current Postal Service infrastructure, including its nationwide physical presence, its\n    online access point, and its law enforcement element, provide immediate assistance\n    and protection against fraud and identity theft in the event of a lost or stolen card.\n\nThe Postal Service would be one of a number of multifunction smart card providers on\nthe market. However, its features would set it apart from others: meeting the needs of\nthe underserved, operating as a gateway to e-government, and offering a level of legal\nstanding that many cards cannot provide.\n\nThis paper presents a unique opportunity for the Postal Service to leverage its valuable\nassets and its mandated role in the communications infrastructure, while also improving\nthe quality of life for American citizens in a rapidly changing and mobile world. The\nUSPS Global Card would offer consumers a solution to security and privacy concerns\nwhile also improving convenience and efficiency in daily transactions and data storage\nand management.\n\n\n\n\n                                                  iii\n\x0cU.S. Postal Service Office of Inspector General                                                                 February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                                                     RARC-WP-12-006\n\n\n\n\n                                                  Table of Contents\n\nIntroduction ..................................................................................................................... 1\xc2\xa0\n\nProduct Description ......................................................................................................... 1\xc2\xa0\n          Basic Features...................................................................................................... 3\xc2\xa0\n          Optional Features ................................................................................................. 5\xc2\xa0\n\nSecurity ........................................................................................................................... 6\xc2\xa0\n\nThe Registration Process ................................................................................................ 8\xc2\xa0\n\nBusiness Model ............................................................................................................... 9\xc2\xa0\n\nConclusion ...................................................................................................................... 9\xc2\xa0\n\n\n                                                             Table\n\nTable 1                 eID Systems in Other Countries ............................................................ 4\xc2\xa0\n\n\n                                                           Figures\n\nFigure 1                The USPS Global Card ......................................................................... 3\xc2\xa0\n\nFigure 2                The USPS Global Card Registration Process........................................ 8\xc2\xa0\n\n\n\n\n                                                                  iv\n\x0cU.S. Postal Service Office of Inspector General                                              February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                                  RARC-WP-12-006\n\n\n\n\n    The USPS Global Card: A Conceptual Analysis of a Smart\n                       Card Platform\n\nIntroduction\nThe digital revolution has radically transformed the world, driving innovation and\nimproving interconnectedness and instant access to information and knowledge. The U.S.\nPostal Service Office of Inspector General Risk Analysis Research Center (RARC) is\npresently involved in a comprehensive research effort intended to examine the impact of\nthe digital revolution on communications and commerce and how the Postal Service may\nleverage its infrastructure and competencies to better support the increasingly digital\nworld. The first of these papers, The Postal Service Role in the Digital Age Part 1: Facts\nand Trends,3 finds that, while the digital revolution has afforded individuals greater\nconvenience and efficiency in daily communications and transactions, it has\nsimultaneously given rise to a number of security and privacy concerns. As a growing\nvolume of services and activities go digital, individuals control less of their personal data,\ninadvertently exposing private information to misuse or fraud.\n\nThe Postal Service could help counteract some of these ongoing privacy and security\nconcerns in conjunction with its new gopost\xe2\x84\xa2 parcel locker network. To provide\ncustomers access to the parcel locker stations\xe2\x80\x99 services, the Postal Service has\nannounced its intention to use a card system. However, rather than adopting a single-\nfunction card, a chip-embedded smart card system may offer the Postal Service a better\nopportunity to leverage its existing infrastructure and competencies. The smart card\nenvisioned would not only provide access to the gopost network, but could also provide\ncustomers with an access key to the postal infrastructure and a wide range of other\ncurrent and future services. Furthermore, the higher security and privacy afforded by the\nsmart card design would allow the card to act as a conveniently portable platform for\nmultiple application solutions including identification, authentication, and data storage,\namong others.\n\nThis concept paper explores the potential design and functionality of a Postal Service\xe2\x80\x93\noffered smart card. The multiple applications and security features of the card are guided\nby its intended purpose: to provide consumers with a secure and private, yet convenient\nand efficient, option for performing daily transactions and data storage in both the digital\nand physical worlds.\n\nProduct Description\nThe term \xe2\x80\x9csmart card\xe2\x80\x9d refers to a plastic card containing an embedded computer chip that\nstores and processes data and conducts business transactions. Smart cards often\nresemble credit cards in size and shape, although smart card technology is also\n3\n U.S. Postal Service Office of Inspector General, The Postal Service Role in the Digital Age Part 1: Facts and\nTrends, Report No. RARC-WP-11-002, February 24, 2011, http://www.uspsoig.gov/foia_files/RARC-WP-11-002.pdf.\n\n\n                                                       1\n\x0cU.S. Postal Service Office of Inspector General                                                February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                                    RARC-WP-12-006\n\n\nfrequently used for telecommunications applications in Subscriber Identity Modules (SIM).\nSmart card systems can vary widely from one another depending on the type of chip\nembedded in the card, the type of data stored on the card, and how that data is written\nand retrieved.\n\nThe purpose of the Global Card is to provide users with an option to improve security and\nprivacy in daily transactions in both the physical and digital worlds, while also increasing\nthe efficiency and convenience with which these        The purpose of the Global Card is\ntransactions are executed. With this purpose in        to provide users with an option to\nmind, the Global Card would resemble a credit          improve security and privacy in\ncard in size and shape so as to be easily              daily transactions in both the\nincorporated into a user\xe2\x80\x99s daily activities.           physical and digital worlds.\nHowever, to maximize the card\xe2\x80\x99s flexibility as\nwell as its appeal to a variety of consumer preferences, it could also be integrated into\nmobile phone\xe2\x80\x99s SIM card. While the latter of these options is likely to appeal to a younger,\nmore mobile device-savvy population, it offers all consumers the opportunity to further\nincrease the utility of mobile phones in daily transactions and data management.4 Either\nformat would offer the full function and serve consumer needs.\n\nAdditionally, the card, whether offered in a credit card-like form, as a SIM card, or both,\nwould contain a microprocessor that would allow it to both manage and process data.\nMuch like a personal computer, the Global Card would organize data into the appropriate\nfile; each file is, in turn, associated with an application. By compartmentalizing data into\nfiles, the card enables access control, allowing each application to access only the data\nessential to its purpose. For example, when making a purchase online, the eRetailer\nwould only be granted access to the credit card information specified by the user; access\nto other stored information, such as the consumer\xe2\x80\x99s medical records or a pointer to those\nrecords, would be prohibited and vice versa. Rules regarding data security through\napplication segregation and other basic platform-level security features such as\nencryption are typically controlled and enforced by the smart card\xe2\x80\x99s operating system.\n\nGiven a rising interest in multi-application smart cards, there are currently a number of\nreadily available operating systems to choose from when designing the Global Card.\nBeyond the basic security afforded by compartmentalizing data and ensuring the\nsegregation of applications, the multifunctionality of the Global Card also affords much\ngreater convenience as it allows users the option to consolidate multiple cards into one.\n\nTypically, smart cards rely on an external card reader to interface with a PC for most\ntransaction needs, including reading and writing to the card. The Global Card would be a\ndual-interface card, which allows for communication between the card\xe2\x80\x99s single\nmicroprocessor and a reader via both contact and contactless devices.5 Contact\ncommunication requires a physical connection between the smart card and a card reader.\nThis type of communication is most commonly used for ID and stored value applications.\nContactless communication, on the other hand, relies on a radio frequency to connect to\n4\n Service would likely require a partnership with wireless providers.\n5\n Development of such an application would need to be compatible with technology specifications such as ISIS or\nGoogle Wallet.\n\n\n                                                        2\n\x0cU.S. Postal Service Office of Inspector General                                                                              February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                                                                  RARC-WP-12-006\n\n\nthe card and is most commonly used with payment and physical access control\napplications. Allowing for multiple modes of communication ensures the card\xe2\x80\x99s functional\nflexibility. Finally, given that card functions are likely to change as new applications\nbecome available, the card would optimally have a dynamic application operating system,\nwhich would allow updates and other changes to be downloaded after card issuance, as\nthey become available.\n\n                                                Figure 1: The USPS Global Card\n\n                    Information                                                                    Access to Postal Services\n                                                                                                  \xe2\x80\xa2Access Key to Postal Services (i.e.\n         \xe2\x80\xa2Basic Electronic ID (includes photo                                                      hybrid mail, stamps, change of\n          and optional biometric indicator)                                                        address, shipping labels, gopost)\n         \xe2\x80\xa2Digital Signature                                                                       \xe2\x80\xa2eMailbox Authentication\n         \xe2\x80\xa2Secure Online ID Authentication                                                         \xe2\x80\xa2Portable eLockbox with added levels\n                                                                                                   of security\n         \xe2\x80\xa2Medical Record/Information\n                                                                                                  \xe2\x80\xa2Card cancellation/replacement\n         \xe2\x80\xa2Data and Document Storage                                                                services available via USPS\n\n                                                  USPS Global Card\n                                                                                                   physical and online access points.\n\n                                                                                        Insert\xc2\xa0\n                                                             SIGNATURE:                Picture\xc2\xa0\n                                                             Jane A Sample               Here\n                                                  CARD NO.\n                                                  1234 5432 1024 6811\n                                                  NAME:                       UNITED STATES\n                                                  JANE A SAMPLE               POSTAL SERVICE\n\n                  Transactions:                                                                     E-Government Services:\n         \xe2\x80\xa2Pre-Paid Digital Currency\n                                                                                                  \xe2\x80\xa2Electronically Sign Official\n         \xe2\x80\xa2Electronic Wallet for E-Commerce\n                                                                                                   Documents\n         \xe2\x80\xa2Contactless Payment (i.e. tolls,\n          public transit, etc.)                                                                   \xe2\x80\xa2Receive Government Payments and\n                                                                                                   Benefits (i.e. tax refunds)\n         \xe2\x80\xa2Secure Electronic Bill Pay and Time\n          Stamp                                                                                   \xe2\x80\xa2Access Medicare Benefits\n         \xe2\x80\xa2Loyalty Programs                                                                        \xe2\x80\xa2Voter Identification\n\n\n\nSource: OIG Analysis\n\nThe multifunctionality of the Global Card, in combination with its ability to communicate\nvia contact and contactless readers and its capability to be updated dynamically, ensures\nthat the card will be able to act as a platform for multiple application solutions. However, it\nis important to note that the addition of each of these features will likely increase the\ncard\xe2\x80\x99s cost of production. Finally, the digital revolution has undoubtedly empowered\nconsumers, enabling them to choose how and with whom they transact and communicate\nbased on personal preferences. The Global Card would closely follow this trend.\nConsumer choice will drive this offering. The card itself would be optional, as would each\nof its applications and security and privacy settings.\n\nFigure 1 illustrates the Global Card in its credit card-like form and identifies its basic\nfeatures and functionalities. Each of these will be discussed in greater detail in the\nfollowing sections of this paper.\n\n\n\n\n                                                                          3\n\x0cU.S. Postal Service Office of Inspector General                                                    February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                                        RARC-WP-12-006\n\n\nBasic Features\n\nWhile the digital revolution has had many positive socioeconomic impacts, it has also\nbeen synonymous with a rise in security and privacy concerns. In the digital sphere, these\nconcerns often surround the lack of adequate authentication measures. The Global Card\ncould potentially offer a solution to this problem by serving as a portable electronic\nidentification (eID) system.\n\nIn addition to containing stored basic information about the user, such as name, date of\nbirth, and physical residence, as an eID, consumers could also have the option of\n                                 obtaining two digital certificates. One would be used for\nConsumers could also have\nthe option of obtaining two      electronic authentication, while the other would provide\ndigital certificates, one to be  the user with a digital signature; both certificates would be\nused for electronic              stored on the card\xe2\x80\x99s microprocessor. The eID function of\nauthentication, while the        the Global Card could then be used by any number of\nother provides the user with     other public and private sector applications through\na digital signature.             partnership agreements including signing income tax\n                                 declarations, providing medical records, accessing both\nfederal and local government services, and making purchases (especially for peer-to-peer\ntransactions).\n\nA number of foreign countries are presently exploring the use of eID cards as a platform\nfor a broad range of services (see Table 1 for a sample of countries implementing an eID\nsystem). A more in depth analysis of the Global Card may involve further exploration of\nforeign eID systems to better understand the benefits and obstacles of an eID application.\n\n                                   Table 1: eID Systems in Other Countries\nCountry           Digital        Digital    Government     Biometric    Health     Transactions/   Mobile       Private\n               Authentication   Signature    Services                  Records       Financial                  Sector\n                                                                                                              Alternative\nAustria             \xef\x83\xbc              \xef\x83\xbc            \xef\x83\xbc                         \xef\x83\xbc             \xef\x83\xbc            \xef\x83\xbc\nBelgium             \xef\x83\xbc              \xef\x83\xbc            \xef\x83\xbc\nDenmark                            \xef\x83\xbc            \xef\x83\xbc                                       \xef\x83\xbc\nEstonia             \xef\x83\xbc              \xef\x83\xbc                                                                 \xef\x83\xbc\nMalaysia            \xef\x83\xbc                           \xef\x83\xbc             \xef\x83\xbc                         \xef\x83\xbc            \xef\x83\xbc\nNorway              \xef\x83\xbc                           \xef\x83\xbc                                                    \xef\x83\xbc            \xef\x83\xbc\nSaudi Arabia        \xef\x83\xbc                                         \xef\x83\xbc\nSource: OIG Analysis based on Explaining International Leadership: Electronic Identification Systems, 2011.\n\n\nThe Global Card would additionally serve as the access key to current and future Postal\nService infrastructure and services. For example, the card could be used to access\ngopost or authenticate a user to perform a change of address. Additionally, the card could\nbe used in reverse hybrid mail applications or the purchase of stamps. With regard to\nfuture services, the card, in combination with its eID functions, could be used in\nauthentication and credentialing for the eMailbox system proposed and defined by RARC\n\n\n                                                          4\n\x0cU.S. Postal Service Office of Inspector General                                                    February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                                        RARC-WP-12-006\n\n\nin its white papers, the Postal Service Role in the Digital Age Part 2: Expanding the Postal\nPlatform6 and eMailbox and eLockbox: Opportunities for the Postal Service.7 The secure\nnature of the Global Card would render it a natural extension of the RARC proposed\neLockbox, providing a conveniently portable version of the data storage service,\naccessible at any PC or smart phone with a smart card reader.\n\nOptional Features\n\nThe Global Card is intended to be an open and flexible        The Global Card is intended\nplatform, encouraging innovation and the development of to be an open and flexible\nadditional applications by third parties. As with any         platform, encouraging\nplatform, the success of the Global Card will be defined      innovation and the\nby positive network effects.8 In order to obtain a critical   development of additional\nmass, the Postal Service is uniquely positioned to work       applications by third parties.\nwith other government agencies to invest in optional\neGovernment applications for its smart card product. For example, users could opt to\nreceive tax refunds, Social Security checks, food stamp credits, and other government\nbenefits via the Global Card. The card\xe2\x80\x99s digital signature function could be used to sign\nofficial documents such as a passport form, as well as a tool for other innovative\neGovernment services such as online voting.\n\nThe digital revolution has sparked a retail shift toward the buying and selling of goods\nthrough eCommerce. As the shift continues, the card would fill the need for a reliable,\nprivate, and secure method for both consumers and sellers to authenticate one another.\nAdditionally, the card could serve as an eWallet, allowing consumers to store information,\nsuch as credit card accounts, and cash needed for purchasing products online or in\nperson. Finally, the Global Card could offer consumers a convenient way to consolidate\nmultiple-vendor loyalty programs onto a single, easy-to-manage card.\n\nOnce again, given the increased security of smart cards relative to magnetic stripe cards\n(or the user and password identity management system traditionally used online), the\nGlobal Card could offer a valuable vehicle for secure and portable data storage with\nprocessing capability. For example, a user\xe2\x80\x99s healthcare and medical records, in addition\nto insurance information, could be stored and updated on the Global Card. Beyond its\nday-to-day convenience, such an application could be invaluable in the event of an\nemergency when quick access to one\xe2\x80\x99s medical history is needed.\n\n\n\n\n6\n  U.S. Postal Service Office of Inspector General, The Postal Service Role in the Digital Age Part 2: Expanding the\nDigital Platform, Report No. RARC-WP-11-003, April 19, 2011, http://www.uspsoig.gov/foia_files/RARC-WP-11-\n003.pdf\n7\n  U.S. Postal Service Office of Inspector General, eMailbox and eLockbox: Opportunities for the Postal Service,\nReport No. RARC WP-12-003, November 14, 2011, http://www.uspsoig.gov/foia_files/RARC-WP-12-003.pdf.\n8\n  Positive network effects are present when the value of the network to its users increases as the network\xe2\x80\x99s user base\ngrows.\n\n\n                                                          5\n\x0cU.S. Postal Service Office of Inspector General                              February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                  RARC-WP-12-006\n\n\nThere are numerous other applications that could be optionally loaded onto the Global\nCard should the user opt for them. For example, the card could serve as an ID and\naccess key for university students, including such features as physical and network\naccess to university resources for authorized students. An eAllowance application or\n The Global Card would be         prepaid card capability could provide parents with a\n consumer-centric; allowing       convenient way to manage student spending and perform\n users to opt into                card fund-loading and reloading with cash or electronic\n applications based on            fund transfer as needed. Alternatively, the Global Card\n personal preference and          could serve as a single sign-on access key in partnership\n need.                            with state and local governments, providing services such\nas paying traffic and parking citations, water bills, or property taxes. Additionally, the\nGlobal Card could be used as identification for public transportation and toll payment\naccounts, similar to an E-Z Pass Toll card.\n\nThe functional possibilities of the card are endless. As an open and flexible platform, the\nGlobal Card is intended to provide third parties with an appropriate forum to innovate and\nprovide consumers with any number of useful applications, some of which have been\nmentioned above, while many others have yet to be imagined. It is, however, also\nimportant to emphasize that the Global Card would be consumer-centric, allowing users\nto opt into applications based on personal preference and need. The Global Card would\noffer greater convenience and efficiency in both physical and digital transactions than\nmany currently available options, while also providing a vehicle for the secure storage of a\nuser\xe2\x80\x99s personal and account information.\n\nSecurity\nIn addition to their convenience, smart cards offer an increased level of security and\nprivacy unmatched by traditional magnetic stripe cards and online username and\npassword identity management systems. By storing information           A USPS-offered\ninternally, rather than externally, smart cards are significantly      smart card could\nmore difficult to duplicate than their magnetic stripe counterparts.   provide consumers\nSimilarly, authentication by smart card eliminates much of the risk with a powerful\nassociated with identity theft due to user error such as poor          antifraud and\npassword choice and repeated passwords across multiple                 identity theft\naccounts. As a result, a USPS-offered smart card could provide         prevention tool.\nconsumers with a powerful antifraud and identity theft prevention tool.\nThere traditionally has been a strong cultural inclination in the United States to reject a\ncentralized, government-sponsored ID management system. Therefore, it will be\nnecessary to clearly communicate the security and privacy benefits of the Global Card, as\nwell as to set up a strong policy infrastructure that supports and maintains these benefits\nbefore card implementation. Additionally, in accordance with the trend toward consumer-\ncentric communications and transactions, providing consumers with complete control and\nchoice over card security and privacy settings beyond those defined by the card\xe2\x80\x99s\noperating system would also likely mitigate potential apprehension regarding a USPS-\noffered Global Card.\n\n\n\n                                                  6\n\x0cU.S. Postal Service Office of Inspector General                                                   February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                                       RARC-WP-12-006\n\n\nFor example, by allowing users to choose from several scalable security and privacy-level\noptions, ranging from a low to high-level, and to further personalize these settings based\non individual preference, the consumer maintains absolute control over the information\nstored on the card, including the type of information, whether that information is backed-\nup, and where that back-up occurs. Specifically, if a user opts for a higher-level security\nsetting that requires use of a biometric indicator, such as a thumbprint to access sensitive\nfiles, the user may also choose whether this print is stored solely on the card or also\nbacked-up in an external government database.9\nThere are numerous other ways smart cards such as the proposed Global Card can\nincrease privacy and security for both physical and digital transactions. For example, a\nsmart card enables multifactor authentication in transactions and access control.\nMultifactor authentication refers to the use of two or more authentication factors, which\nmay include something the user knows (e.g., password or PIN) or something the user is\n(e.g., biometric characteristic such as a thumbprint), in addition to something the user has\n(e.g., the Global Card) before the card can be accessed or used in a transaction.\nAdditionally, the Global Card may limit the amount of data that is revealed in transactions.\nSpecifically, the card may be setup to provide binary (e.g., \xe2\x80\x9cyes\xe2\x80\x9d or \xe2\x80\x9cno\xe2\x80\x9d) responses to\nquestions by an outside party about the user\xe2\x80\x99s identity or some attribute of that identity.\nFor example, when confirming that a person is 21 years old, the answer returned to the\nquestioning party would be \xe2\x80\x9cyes\xe2\x80\x9d or \xe2\x80\x9cno\xe2\x80\x9d; divulging one\xe2\x80\x99s date of birth is not necessary.\nSimilarly, because the Global Card enables users to link their digital or eMailbox address\nto their physical address, users may maintain physical address anonymity by providing\nthe digital equivalent in transactions requiring physical address authentication.\nRegardless of communications mode, the card would have to employ superior encryption\nto maintain security.\nSmart cards also allow for a number of other security and privacy control precautions to\nbe established. In particular, smart cards provide a greater level of access control by\nenabling users to restrict data released to authorized service providers. For example, a\nuser could specify that medical records only be released to or updated by his/her\npersonal doctor. Additionally, stored and transmitted data may be encrypted so that only\nparties with a valid key may access the data. Biometric data such as a thumbprint may\nalso be stored on the card to be used in authentication procedures in an effort to reduce\nidentity theft.\nIn terms of redundancy and back-up considerations, given the large amount and\nsensitivity of the data that could be stored on the Global Card, the user may choose\nwhether or not the card\xe2\x80\x99s memory should be backed-up and where that back-up should\nbe stored. Because the embedded chip is a microprocessor, data stored on the card is\nsegmented, preventing unauthorized applications from accessing another application\xe2\x80\x99s\ndata and enabling users to choose varying levels of security on a file-by-file basis.\n\n\n\n9\n  Daniel Castro, Explaining International Leadership: Electronic Identification Systems, The Information Technology &\nInnovation Foundation, September 2011, http://www.itif.org/files/2011-e-id-report.pdf.\n\n\n                                                          7\n\x0cU.S. Postal Service Office of Inspector General                                                      February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                                          RARC-WP-12-006\n\n\nFinally, the Postal Service is well-positioned to provide Global Card users with a level of\nsecurity consistent with the needs of any card carrying sensitive, personal information.\nFirst, a readily available, multichannel infrastructure is accessible to users needing to\nreport a lost or stolen card through the well-established physical presence of Post Office\nlocations across the country, the Postal Service online access point at usps.com, and via\n1-800-ASK-USPS. Second, the Postal Service\xe2\x80\x99s law enforcement component uniquely\nprovides a legally authorized and experienced mechanism through which Global Card\nconsumers would be protected against criminal intent such as fraud or identity theft.\nThe Registration Process\nShould the Postal Service choose to pursue a multifunction smart card product such as\nthe Global Card, Figure 2 presents each step in the card registration process:\n                        Figure 2: The USPS Global Card Registration Process\n\n\n               STEP I                  \xe2\x80\xa2 The Global Card is offered on an "opt-in" basis to consumers 18 and older.\n                                       \xe2\x80\xa2 Users indicate whether they would like to opt into the e-ID application of the\n   The consumer opts in for the          card and choose which of the digital certificates they would like to obtain.\n     USPS Global Card via an           \xe2\x80\xa2 Additionally, during this step users will have the opportunity to link their\n    online registration process.         USPS provided eMailbox to the card.\n\n\n                                       \xe2\x80\xa2 The consumer has the option of completing in-person verification at a Post\n                                         Office or with a mail carrier in the consumer\'s home or at one of many\n              STEP II                    convenient and temporary kiosks staffed by postal employees.\n   The consumer completes in-          \xe2\x80\xa2 During in-person verification, the consumer will be required to provide proof\n   person verification at a Post         of registration (generated upon completion of Step I), a bill or statement\n                                         addressed to him/her, and a government issued ID.\n   Office or with a mail carrier.\n                                       \xe2\x80\xa2 The clerk or carrier collects any biometric information the user wishes to\n                                         include on the card.\n\n\n                                       \xe2\x80\xa2 Once registered and verified, the Global Card is issued to the consumer at\n            STEP III                     the Post Office or sent to the consumer\'s physical address via Priority Mail\n   The Global Card is issued to          with Signature Confirmation.\n         the consumer.                 \xe2\x80\xa2 A smart card reader may also be purchased at the time of registration and\n                                         delivered with the card if the consumer chooses.\n\n\n\n            STEP IV                    \xe2\x80\xa2 Once the card is issued, the consumer activates the card online.\n   The consumer activates the          \xe2\x80\xa2 The consumer may also opt into additional optional applications.\n    card and sets up security          \xe2\x80\xa2 Security preferences, including security and privacy level and other\n     settings and additional             features, such as whether the card\'s memory is backed-up on a PC or an\n      optional applications.             external card management server, are specified.\n\n\n                                       \xe2\x80\xa2 After card set-up, the user is able to access and manage the Global Card\n             STEP V                      anywhere and anytime through computers and mobile devices using a\n                                         smart card reader.\n   The consumer accesses and           \xe2\x80\xa2 The card\'s dynamic application operating system enables users to update\n     manages the Global Card             and download applications and security settings and features after card\n    from a computer or mobile            issuance, as they become available.\n             device.                   \xe2\x80\xa2 If the card is lost or stolen, the consumer may terminate, erase, and replace\n                                         the card at a Post Office, online, or by calling 1-800-ASK-USPS.\n\nSource: OIG Analysis\n\n\n\n\n                                                        8\n\x0cU.S. Postal Service Office of Inspector General                               February 13, 2012\nThe USPS Global Card: A Conceptual Analysis                                   RARC-WP-12-006\n\n\nBusiness Model\nThough this paper outlines a wide range of potential applications, not all of these would\nhave to be launched simultaneously. Depending on cost, complexity, and technology\nrequirements, services utilizing the Global Card platform could be phased in over time.\nThe card\xe2\x80\x99s liability would have to be designed to minimize risk to the Postal Service as\nwell as assigning liability to partners when appropriate.\n\nCritical to the launch of any new product is the potential for financial viability. The Global\nCard should eventually generate a new line of revenue which could be developed through\ntwo sources. First, consumer fees would be generated from a variety of services provided\nthrough the card. The basic card could either be issued for a minimum charge and would\ninclude services such as electronic identification, a digital signature,\nauthentication/credentialing for an eMailbox, and serving as an access key for postal\nservices. However, additional fees could be charged for optional or add-on services\nincluding the incorporation of biometric data, card insurance and replacement, archiving\nand/or mobile storage, redundancy/back-up services, currency transaction fees for\ndepositing or cashing digital money, and use for contactless payment such as the\nWashington Metro\xe2\x80\x99s Smartrip card or the popular E-Z pass toll card.\n\nA second and potentially more lucrative source of revenue is through partners interested\nin providing additional services on the card. Such an arrangement would also help to\nmitigate risk at a time when the Postal Service is continuing to operate at a significant\nloss. Revenue sharing, an area in which the Postal Service already has significant\nexperience, is possible in a wide range of products including loyalty programs (e.g.,\nhotels, airlines, grocery stores); digital currency partners such as Visa, Moneygram, and\nPayPal; healthcare and insurance companies; and even federal, state, and local\ngovernments who want to use the card\xe2\x80\x99s digital signature, authentication, and identity\nbinding features to conduct on-line business with citizens. The Postal Service could share\nproceeds with partners from those services that customers select.\n\nThe Global Card will not be the only multifunction smart card on the market for\nconsumers. Other providers will offer similar functions and services. The core purposes\nof the card \xe2\x80\x93 an address-based digital authentication tool providing postal services, a\ngateway to eGovernment, and digital services to the underserved \xe2\x80\x93 is parallel to the\nservices that the Postal Service has provided in the physical world.\n\nConclusion\nThe Postal Service holds a unique position that will present it with numerous opportunities\nto bridge the market gaps and shortcomings of the current Internet-based economy. The\nGlobal Card offers one solution to today\xe2\x80\x99s inadequate security and privacy settings in\ndigital and even physical communications and transactions, while also improving the\nconvenience and efficiency with which these transactions are executed. This paper\npresents a unique opportunity for the Postal Service to leverage its valuable assets and\nits mandated role, while also improving the quality of life for American citizens in a rapidly\nchanging and increasingly mobile world.\n\n\n                                                  9\n\x0c'